#patch-tuesday
15 stories taggedpatch-tuesday.

Microsoft says AI is finding so many Windows bugs, expect bigger Patch Tuesdays
The company is using multiple AI models to hunt vulnerabilities in Windows code, and warns customers will see more fixes each month as a result.

Adobe Is Doubling Its Patch Releases — Here's Why That Matters
Starting in July, Adobe will push security fixes twice a month instead of once. Blame faster vulnerability discovery, AI-assisted research, and a threat pace that monthly updates can no longer keep up with.

Adobe Rushes Out Fixes for a Dozen Flaws in ColdFusion and Campaign Classic — Six Are as Bad as It Gets
Twelve security holes, six of them rated the highest possible severity, were quietly sitting in two widely used Adobe products. Patches are out. The clock is ticking.

Apple Ships Multi-Component Patch Round Covering iOS, macOS, and Safari
Fixes land for WebKit, the kernel, WebRTC, and Web Extensions — touching every major Apple platform in a single release cycle.

Oracle's June 2026 CPU: 245 Patches Across Communications, EBS, and Enterprise Manager
Oracle's second monthly Critical Patch Update ships a significant fix load. If you're running EBS or Enterprise Manager in AWS or on-prem, your change window just got scheduled for you.

210 CVEs, Three Zero-Days, and a Microsoft Warning That This Is Just the Beginning
June Patch Tuesday sets a volume record. Microsoft says AI-assisted discovery is why, and that you should get used to it.

RoguePlanet Zero-Day Drops as Nightmare Eclipse–Microsoft Feud Reaches New Low
A race-condition bug in Microsoft Defender can yield a SYSTEM shell on fully patched Windows 11 and 10. No patch exists. The researcher dropped it the day after June Patch Tuesday.

Microsoft's October Dump: 206 CVEs, Three Already Public
A record Patch Tuesday hauls in 39 Critical bugs and a trio of zero-days that were knocking around before the fix shipped.

Microsoft Ships Record 200-Bug Patch Tuesday as 'Nightmare Eclipse' Drops Windows Zero-Days
AI-assisted bug hunting, a confrontational researcher, and a Shai-Hulud worm variant inside Microsoft's own repos shape an outsized June rollup.

Microsoft Ships KB5094127 ESU as Secure Boot Cert Rollover Looms
The June 2026 extended security update for Windows 10 patches Patch Tuesday bugs and adds telemetry to track the Secure Boot certificate transition.

Oracle Launches Monthly Patch Cycle With 35-Flaw Drop, Four CVEs Under Active PoC Threat
A CVSS 10 hole in REST Data Services leads the list. Four older bugs with public exploit code deserve faster attention than their scores suggest.

SharePoint's latest RCE bug hands attackers the keys with no extra paperwork
CVE-2026-45659 is a deserialization flaw that doesn't ask for much — and that's exactly why Microsoft is shipping fixes across every supported SharePoint Server build.

Microsoft Rushes Fixes for Two Actively Exploited Defender Zero-Days as CISA Adds Both to KEV
A disgruntled researcher's GitHub exploits may be behind attacks on the Malware Protection Engine and Antimalware Platform — but Microsoft isn't saying so.

April Patch Tuesday Lands With 167 Microsoft Fixes, SharePoint Zero-Day Under Attack
BlueHammer Defender bug goes public, Adobe Reader flaw exploited since November, and Chrome ships its fourth zero-day of the year.

Microsoft Skips a Zero-Day for the First Time in Two Years. Nobody Wants to Talk About Why.
118 fixes shipped, none under active exploit, and a quiet Anthropic project keeps surfacing in vendor briefings. Microsoft, Apple and Oracle declined to discuss it on the record.